Q over security?

Superman · 09-05-2004 6:59pm #1

Hi,

I have a wlan and using a linksys router, i have 2pc's and my modem connected via ethernet, and another PC hooked up by Wifi. The only security i'm using at the moment is a MAC filter to allow only pc's want to be on the wifi.
question is:

is that good enough to stop most people leeching my wifi? i' m not pushed over the WEP because my data is never that secret.

seamus · 09-05-2004 7:06pm

For a personal setup, I'd say it's more than enough. If you're more concerned about bandwidth leeching than information security, then only supplying IPs to known MAC addresses should keep you locked against all but the most determined people.

This information is a little vague and possibly wrong. I had a rough night

Rew · 09-05-2004 11:38pm

MAC address filtering is easy to defeat:

-Sniff valid MAC address
-Change card MAC to match

You would notice problems thopugh as 2 identical MAC's cannt co-exist.

You would be well advised to turn on WEP (128bit if its supported) and hide the ESSID of your network, that will keep out all but the most determined people.

hostyle · 10-05-2004 12:01am

To be honest WEP cracking is just as easy as MAC cloning to anyone with the know-how. Neither is secure. Using either or both is more secure but still not secure. I only use MAC filtering but I live close to the middle of nowhere.

Superman · 10-05-2004 1:06am

Originally posted by hostyle
I only use MAC filtering but I live close to the middle of nowhere.

Well if its good enough for you i'll stuck with it!

Rew · 10-05-2004 10:01am

Originally posted by hostyle
To be honest WEP cracking is just as easy as MAC cloning to anyone with the know-how. Neither is secure. Using either or both is more secure but still not secure. I only use MAC filtering but I live close to the middle of nowhere.

Its a petty common idea that WEP cracking is easy but:

Airsnort and the likes dont work for every brand of AP

It can take a long time to collect enough data to crack a 128bit key on a home lan as there isnt a huge amount of traffic

Breaking a MAC restriction takes seconds breaking WEP would take hours or days and much more technical know how. You really should use it as well as the MAC restrictions and hidden ESSID.

Jaden · 10-05-2004 3:14pm

With MAC filtering on, 128bit WEP enabled, and your SSID broadcast off, you're as safe as you need to be.

I could use Airsnort or Kismet to find the hidden access point. I could spoof the MAC address, then I could sniff the gig or so of data needed to break a 128 bit WEP key.

Frankly, even after doing all that, and going unnoticed, all I would have is Internet access and a chance to maybe get some data off any LAN PCs. PGP encryption would sort that out.

Frankly, it wouldn't be worth the effort. Anyone who would be able to do all that, prolly wouldn't be bothered.

There are too many unsecured wireless access points floating about, why kill yourself?

Your Goldfish Porn collection is safe, relax.

As for the poster who think becasue he's in a remote area, no-one will find him - Newsflash, security through obscurity is a BIG mistake.

hostyle · 10-05-2004 3:45pm

Originally posted by Jaden
As for the poster who think becasue he's in a remote area, no-one will find him - Newsflash, security through obscurity is a BIG mistake.

Yes you are correct, but this is a home LAN. I don't have important / confidential data floating around. I check the logs regularly and have my own logging going on aswell. Its too much hassle going around to every PC / laptop here and next door updating WEP keys and other crap. But you are correct.

Tom Dunne · 10-05-2004 4:47pm

Originally posted by Rew
MAC address filtering is easy to defeat:

-Sniff valid MAC address
-Change card MAC to match

How is this possible? I thought MAC address were burned into ROM somewhere on the NIC?

Rew · 10-05-2004 10:09pm

Firmware is still software and some cards will let you change the burned MAC for another one...

Wired NIC's have been like that for years.

Rew · 10-05-2004 10:12pm

Originally posted by hostyle
Yes you are correct, but this is a home LAN. I don't have important / confidential data floating around. I check the logs regularly and have my own logging going on aswell. Its too much hassle going around to every PC / laptop here and next door updating WEP keys and other crap. But you are correct.

Google for RADIUS and 802.1x

hostyle · 11-05-2004 9:40am

Found freeRADIUS - very nice. Will look into this more. Has anyone successfully implemented this on a mostly W2k / XP network?

Also found information about the posible future of WLAn security: 802.11i

Rew · 11-05-2004 11:03am

802.11i should be available by the end of the year have a look here:

http://www.theregister.co.uk/2004/05/06/wi-fi_update/

802.1x isnt actually secure but it gernarlly raises the bar abouve WEP cracking...

hostyle · 11-05-2004 11:10am

Hopefully 802.11i just requires firmware upgraded on 802.11g equipment. *crosses fingers*

Duffman · 11-05-2004 6:06pm

Originally posted by Superman
Hi,
is that good enough to stop most people leeching my wifi? i' m not pushed over the WEP because my data is never that secret.

You should use some kind of encryption anyway. Remember that a packet sniffer can collect any passwords you use for websites, POP3 email, ftp etc... They appear in plain txt unless you're using SSL..

RicardoSmith · 27-05-2004 8:45am

Newbie question here.

Encryption - PGP is any of this freeware?

Hw do you turn MAC filtering on, enable 128bit WEP , and tuen off your SSID broadcast?

What logs can I turn on and check?

Superman · 27-05-2004 12:18pm

thats a lot of q's i suggest you check your wireless manual or website of the maker.

tomk · 27-05-2004 2:13pm

Originally posted by RicardoSmith
Encryption - PGP is any of this freeware?

GPG is a free open-source replacement for PGP.

Q over security?

Comments